Transcription

2 What Does Your In-House E-Discovery Look Like? 53% indicate a GROWING CASE LOAD 55 % review MORE THAN HALF of their cases internally 72 % are using E-DISCOVERY SOFTWARE 46 % have MORE THAN ONE E-Discovery Software Solution What Are Your Collection Requirements? 50 % 44% want to collect ESI FROM THE CLOUD 33 % reuse PRIOR COLLECTIONS have a BYOD program with 50% PARTICIPATION This paper is written by Chris Dale of the UK-based edisclosure Information Project in conjunction with Guidance Software. It is based on the results of Guidance Software s Second Annual E-Discovery Survey, which analyzed the responses of nearly 100 people from in-house legal departments and e-discovery service providers. About the Author Chris Dale runs the edisclosure Information Project which disseminates information about the court rules, the problems, and the technology to lawyers and their clients, to judges, and to suppliers. He was a member of Senior Master Whitaker s Working Party which drafted the 2010 edisclosure Practice Direction and Electronic Documents Questionnaire. Chris writes an authoritative and objective web site and blog on the subject and is a well-known speaker and commentator in the UK, the US and any jurisdiction which requires electronic discovery of documents. Chris is an English solicitor and was a litigation partner in London, a litigation software developer and litigation support consultant before turning to commentary on electronic disclosure / discovery. 2

3 JOB ROLES Inside Counsel % Other % Paralegal % Chief Legal Officer - 3.1% E-Discovery Manager % Figure 1: Job functions of E-Discovery Survey Respondents One of the survey s aims was to establish who is taking responsibility for handling electronic discovery between the corporation itself and outsourced providers. Other questions related to the level of e-discovery activity, to the sources of ESI (electronically stored information), to the distribution of work (e.g. as between in-house teams and outsourcers), and to things like cybersecurity and information governance. Guidance Software s first e-discovery survey, in 2014, showed a clear trend towards greater involvement by in-house legal departments in the management of the e-discovery process, with more control being taken by the corporations; they did this either by setting up their own teams and installing their own software or, at the least, by exercising more direct management over the conduct of e-discovery by, for example, dictating the choice of method, of provider or of software tools. The 2015 survey goes yet further in the same direction. There is now more hands-on control of other things relating to the management of information, not least cybersecurity - cost is not the only factor driving the move in-house. 3

4 Summary of the Key Findings 53.5 percent indicated that caseloads are growing 55 percent of those surveyed review more than 50 percent of their cases internally 72 percent have an e-discovery software solution, with 46.7 percent having more than one 50 percent reported having a bring-your-own-device (BYOD) program in place with an average of 50 percent participation by employees 44.4 percent want the ability to collect ESI from the cloud in a defensible manner Other questions related to levels of cybersecurity readiness, collection from social media platforms, the use of TAR (technology-assisted review), and the status (or not) of any information governance initiative. Litigation Caseloads and Review Companies are facing more litigation, with 53.5 percent of the respondents indicating an increase in litigation volume year over year. It needs no survey to suggest that companies data volumes are also increasing year over year, so when this is added to an increase in the number of cases, one can see why companies are looking at alternative strategies for managing it. More than half the respondents indicated that they review more than half of the cases internally, a slight increase since last year. Of the cases that make it to review, what percentage are reviewed internally vs. by outside counsel / legal service provider? 40% 35% 30% 32.3% 35.4% 25% 20% 24% 15% 10% 5% 8.3% 0% Between 100%-75% are reviewed internally Between 75%-50% are reviewed internally Between 50%-25% are reviewed internally Less than 25% are reviewed internally Figure 2: Percentage of cases that are reviewed internally 4

5 Companies are not just taking the task in-house, but thinking about better and more effective ways of dealing with it, not least methods that are more easily performed behind the firewall than from outside it. A notable trend is the increase in work product re-use, with 32.6 percent of respondents using the prior collections for early case assessment. In many cases, that content has already been reviewed and tagged. If outside lawyers have been slow to adopt technology assisted review, their clients have been quicker to appreciate the benefits. In this survey, 35.7 percent of respondents reported using TAR on more than 50 percent of their cases, up from 23 percent in The primary uses are data culling, early case assessment, and responsive review. BYOD, Cloud, and Social Media Stepping outside the survey for a moment, the increase in the trend known as BYOD grew unobserved by many companies and, indeed, by their lawyers. Many, if not most, employees now have one or more devices that are connected to the Internet outside the protection of the firewall. The fact that many of them are also connected to the company s systems raises one set of issues. Others derive from the ease with which employees may remove data from the company, introduce data or application programs from outside, and use their own devices for company business, each of which has the potential to cause problems even before discovery implications are considered. It can make it almost impossible for a company to be certain that it has fulfilled its discovery obligations; even if the existence of devices and data is known about, questions arise about the ownership of data and its mixture with private information. Since it is, in practice, impossible to control this as a technical matter, it is necessary to establish policies which govern the use of non-company devices. In this survey, 50.5 percent of respondents said that they already offer a BYOD program, 20 percent are working on one, and percent have no plans to offer a BYOD program for employees. If that deals with devices, there is the separate (though often related) problem of cloud collection. Of the survey respondents, 44.4 percent see a business need, now or in the coming year, to collect from cloud repositories such as Box, Dropbox, Google Drive, or SkyDrive. It is not clear whether the others have considered the question and decided there is no need to address it or have not applied their minds to to establish policies which govern the use of non-company devices. 5

6 60% Which cloud repositories do you want to collect? 50% 56.9% 51.7% 51.7% 40% 44.8% 30% 20% 20.7% 10% 0% Box Dropbox Google Drive SkyDrive (Microsoft) Other Figure 3: Of the 44.4% respondents who indicated that they needed to collect from the cloud, this chart shows their priorities for cloud repositories Respondents were asked a similar question about social media platforms. A smaller number, 34.5 percent, foresaw a business need to collect from social media platforms for e-discovery purposes, with Facebook (95.1 percent percent), Twitter (85.4 percent) and LinkedIn (70.7 percent) being the sites that mattered for these purposes. Information Security Security breaches are a concern, with 65.2 percent of those surveyed indicating that legal and security teams are meeting more regularly. This year, 47.8 percent indicated that they now have security provisions with their vendors, and 31.9 percent have requested sensitive data maps. 6

7 80% 70% With the increasing threat of security breaches, what steps is your organization taking to strengthen your security posture? 60% 65.7% 50% 40% 47.1% 30% 20% 27.1% 31.4% 10% 0% 12.9% 12.9% We have reorganized such that security reports to legal We have engaged an outside law firm specializing in security We have established relationships with law enforcement so that we are prepared in case there is a breach Supplier agreements now include security provisions We have asked our Security team for a sensitive data map We are meeting regularly with our Security team to plan and implement strong security policies and procedures Figure 4: This chart shows the actions organizations have taken in response to concerns over security breaches Information Governance The expression information governance embraces a wide range of programs, policies, and initiatives for which responsibility is spread across different divisions in a company such as Legal, IT, Privacy, and others. Information governance implies a program concerned both with extracting value and mitigating the cost and risk inherent in information. The most interesting statistic in the survey is that 37.3 percent of organizations claim to have an information governance program in place, with 29.3 percent either planning or implementing one, and 20 percent discussing an information governance initiative. Again, it will be interesting in future surveys to include a more granular set of questions aimed at identifying which problems and functions were addressed by these initiatives. The answers to the survey indicate that organization-wide management of information is moving up the agenda. 7

8 E-Discovery Tools Seventy-two percent of the respondents indicated that they have one or more e-discovery solutions in-house, and 46.7 percent of those have more than one solution. Again, it would be interesting to see a breakdown of the type of solutions in place. It is reasonable to assume that the most common tools are those whose function is legal hold, data collection, and at least the early stages of processing, including culling and, perhaps, tools giving the ability to conduct a first-pass review aimed at giving an early assessment of the case. The answer to the earlier question about the percentage of cases reviewed internally to which percent of respondents indicated that between 100 percent and 75 percent were reviewed internally - suggests that a high proportion of those who have e-discovery software use it for more than just legal hold and collection. Conclusion The answers to this survey suggest a continuing move towards bringing some at least of the e-discovery process in-house, together with a growing appreciation by legal teams of the need to look more widely than the company s own data sources. Twenty-eight percent of respondents indicated either that they did not have any discovery solution or that they outsource their e-discovery work. It is probable that a number of those who do have in-house resources use them only for early stages and thereafter send them out for management by an outsourced provider. It would be interesting next year to seek a more granular breakdown of this, aimed at identifying, for example, how many companies host the data, giving access behind the firewall to their lawyers, and how many (after a certain stage at least) send it out to be hosted elsewhere. 8

9 Our Customers Guidance Software customers are corporations and government agencies in a wide variety of industries, such as financial and insurance services, technology, defense contracting, pharmaceutical, manufacturing and retail. Representative customers include Allstate, Chevron, FBI, Ford, General Electric, Honeywell, NATO, Northrop Grumman, Pfizer, SEC, UnitedHealth Group, and Viacom. About Guidance Software (NASDAQ: GUID) Guidance Software is recognized worldwide as the industry leader in endpoint investigation solutions for security incident response and forensic analysis. Its EnCase Enterprise platform, deployed on an estimated 20 million endpoints, is used by more than 70 percent of the Fortune 100 and more than 40 percent of the Fortune 500, and numerous government agencies, to conduct digital investigations of servers, laptops, desktops and mobile devices. Built on the EnCase Enterprise platform are market-leading cyber security and electronic discovery solutions, EnCase Cybersecurity, EnCase Analytics, and EnCase ediscovery. They empower organizations to conduct speedy and thorough security incident response, reveal previously hidden advanced persistent threats or malicious insider activity, perform sensitive data discovery for compliance purposes, and respond to litigation discovery requests. For more information about Guidance Software, visit This paper is provided as an informational resource only. The information contained in this document should not be considered or relied upon legal counsel or advice. EnCase, EnScript, FastBloc, EnCE, EnCEP, Guidance Software and Tableau are registered trademarks or trademarks owned by Guidance Software in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks and copyrights referenced in this press release are the property of their respective owners.

Digital Forensics Services A KPMG SERVICE FOR G-CLOUD VII October 2015 kpmg.co.uk Digital Forensics Services KPMG PROVIDES RELIABLE END TO END COMPUTER FORENSIC AND EXPERT WITNESS SERVICES We bring together

Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...

Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...

A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+

A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+

E- Discovery in Criminal Law ! An e-discovery Solution for the Criminal Context Criminal lawyers often lack formal procedures to guide them through preservation, collection and analysis of electronically

Predictive Coding in UK Civil Litigation White Paper by Chris Dale of the e-disclosure Information Project THE PURPOSE OF THIS PAPER This paper considers the use of technology known as Predictive Coding

LEGAL TECHNOLOGIES AND COMPUTER FORENSICS DECEMBER 2013 Copyright Control Risks. All rights reserved. This document cannot be reproduced without the express written permission of Control Risks. Any reproduction

BeyondInsight Version 5.6 New and Updated Features BeyondInsight 5.6 Expands Risk Visibility Across New Endpoint, Cloud and Firewall Environments; Adds Proactive Threat Alerts The BeyondInsight IT Risk

AccessData Corporation No More Load Files Integrating ediscovery and Summation to Eliminate Moving Data Between Litigation Support Products White Paper August 2010 TABLE OF CONTENTS Introduction... 1 The

GLOBAL FORENSIC AND DISPUTE SERVICES CYBER PROTECTION SPECIALISTS THE TEAM William Beer São Paulo William Beer brings over 25 years of diverse international consulting experience advising on and managing

RESEARCH PAPER Email archives: no longer fit for purpose? Most organisations are using email archiving systems designed in the 1990s: inflexible, non-compliant and expensive May 2013 Sponsored by Contents

January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document

The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before

COURT OF QUEEN S BENCH OF MANITOBA PRACTICE DIRECTION GUIDELINES REGARDING DISCOVERY OF ELECTRONIC DOCUMENTS Introduction While electronic documents are included in the definition of document contained

Meeting E-Discovery Challenges with Confidence Meeting today s e-discovery and information governance challenges while setting the foundation for tomorrow s requirements is the goal of every legal team.

Brought to you by: ediscovery Policies: Planned Protection Saves More than Money Anticipating and Mitigating the Costs of Litigation Introduction: Rising costs of litigation The chance of your organization

http://www.ohioerc.org Purpose SOCIAL MEDIA: THE RECORDS MANAGEMENT CHALLENGE As society shifts from traditional methods of recordkeeping to electronic recordkeeping, the issues surrounding the management

IT@Intel White Paper Intel IT IT Best Practices IT Governance and IT Consumerization June 2012 Successful ediscovery in a Bring Your Own Device Environment Executive Overview Close collaboration between

DISCOVERING ediscovery Purpose This paper is the first in a series that are designed to educate organisations and increase awareness in the area of ediscovery technology. What is ediscovery? Electronic

If you have any technical problems with the Webcast or the streaming audio, please contact us via email at: webcast@acc.com Thank You! THIS WEBCAST WILL BEGIN SHORTLY Cloud-Based vs. On-Premise ediscovery

A Primer CLOUD COMPUTING DEMYSTIFIED 5 CLOUD COMPUTING MYTHS EVERY SMALL BUSINESS SHOULD KNOW ABOUT Everyone is talking about how cloud computing may bring considerable benefits to small and medium-sized

Security and Privacy Considerations for BYOD Carol Woodbury, President SkyView Partners, Inc 1 Introduction The world of BYOD (Bring Your Own Device) is rapidly expanding. You may not think it s happening

WHITE PAPER N Do Ex-Employees Still Have Access to Your Corporate Data? An Osterman Research White Paper Published August 2014 SPONSORED BY SPON sponsored by sponsored by Osterman Research, Inc. P.O. Box

Predictive Coding Defensibility and the Transparent Predictive Coding Workflow Who should read this paper Predictive coding is one of the most promising technologies to reduce the high cost of review by

6 June 2012 "Bring Your Own Device" Brings its Own Challenges By Susan McLean and Alistair Maughan The consumerisation of IT is the growing trend for information technology to emerge first in the consumer

Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.